CVE-2018-11228

N/A

Description

Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via a Bash shell service in Crestron Toolbox Protocol (CTP).

CVE Details

CVSS v3.1 ScoreN/A

Published6/8/2018

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

crestron:crestron_toolbox_protocol_firmwarecrestron:dmc-strcrestron:tsw-1060crestron:tsw-1060-nccrestron:tsw-560crestron:tsw-560-nccrestron:tsw-760crestron:tsw-760-nc

Weaknesses (CWE)

CWE-94

References

http://www.securityfocus.com/bid/105051(cve@mitre.org)

https://ics-cert.us-cert.gov/advisories/ICSA-18-221-01(cve@mitre.org)

https://support.crestron.com/app/answers/answer_view/a_id/5471/~/the-latest-details-from-crestron-on-security-and-safety-on-the-internet(cve@mitre.org)

http://www.securityfocus.com/bid/105051(af854a3a-2127-422b-91ae-364da2661108)

https://ics-cert.us-cert.gov/advisories/ICSA-18-221-01(af854a3a-2127-422b-91ae-364da2661108)

https://support.crestron.com/app/answers/answer_view/a_id/5471/~/the-latest-details-from-crestron-on-security-and-safety-on-the-internet(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.